XStream
  1. XStream
  2. XSTR-762

private readResolve() called on superclass

    Details

    • Type: Bug Bug
    • Status: Closed Closed
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: 1.3.1, 1.4.7
    • Fix Version/s: 1.4.8
    • Component/s: Core
    • Labels:
      None
    • JDK version and platform:
      Oracle 1.7.0_40 for Windows

      Description

      This behavior is not consistent with java serialization, java serialization only calls readResolve() on superclass if visibility of this method is public or protected.

      See: ObjectStreamClass.getInheritableMethod

      As a result of this serialized classes may be replaced by superclass instances on deserialization.

      Workaround: Implement readresolve() in all subclasses.

        Activity

        Hide
        Jörg Schaible added a comment -

        Thanks for heads-up. Actually you found a bug present in XStream for more than 10 years

        Show
        Jörg Schaible added a comment - Thanks for heads-up. Actually you found a bug present in XStream for more than 10 years
        Jörg Schaible made changes -
        Field Original Value New Value
        Resolution Fixed [ 1 ]
        Fix Version/s 1.4.x Maintenance [ 19602 ]
        Status Open [ 1 ] Resolved [ 5 ]
        Hide
        Peter Plosz added a comment -

        Thanks for the fix.

        Show
        Peter Plosz added a comment - Thanks for the fix.
        Jörg Schaible made changes -
        Fix Version/s 1.4.x Maintenance [ 19602 ]
        Fix Version/s 1.4.8 [ 20992 ]
        Jörg Schaible made changes -
        Status Resolved [ 5 ] Closed [ 6 ]

          People

          • Assignee:
            Jörg Schaible
            Reporter:
            Peter Plosz
          • Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved: